News

Events

Search

Search form

Misconfigured SOCKS filtering

This script is Copyright (C) 2010-2011 Tenable Network Security, Inc.

Synopsis :

Network access policies may be circumvented.

Description :

A private network can be reached through the SOCKS proxy.

The reachable IP address of this SOCKS proxy is public, and its
'external' address is private. Using the SOCKS proxy, an attacker may
connect to internal machines that run on RFC1918 addresses, which are
expected to be unreachable from the public Internet.

Solution :

Reconfigure the proxy so that it rejects connections on its public
interface or at least, enforces authentication.

Training & Certification

The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.